Skip to content

Semantic Release

Semantic Release #118

name: Semantic Release
on:
workflow_run:
workflows: [CI]
types: [completed]
branches:
- master
- beta
- alpha
- '*.x'
jobs:
semantic-release:
name: Semantic Release
runs-on: ubuntu-24.04
if: github.event.workflow_run.conclusion == 'success' && github.repository == 'serious-scaffold/ss-pybind11'
permissions:
contents: write
id-token: write
issues: write
pull-requests: write
steps:
- name: Generate a bot token with BOT_APP_ID
id: bot_token
if: vars.BOT_APP_ID && env.BOT_PRIVATE_KEY != null
uses: actions/create-github-app-token@c1a285145b9d317df6ced56c09f525b5c2b6f755 # v1
env:
BOT_PRIVATE_KEY: ${{ secrets.BOT_PRIVATE_KEY }}
with:
app-id: ${{ vars.BOT_APP_ID }}
private-key: ${{ secrets.BOT_PRIVATE_KEY }}
- name: Warn if use GITHUB_TOKEN
if: env._GITHUB_TOKEN == env._TO_BE_VERIFIED_TOKEN
env:
_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
_TO_BE_VERIFIED_TOKEN: ${{ steps.bot_token.outputs.token || secrets.PAT || secrets.GITHUB_TOKEN }}
run: |
echo "# :warning: GITHUB_TOKEN is used" >> $GITHUB_STEP_SUMMARY
echo "The GITHUB_TOKEN is used instead of a bot token or PAT that will not emit the released publish event for triggering a released workflow." >> $GITHUB_STEP_SUMMARY
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
fetch-depth: 0
token: ${{ steps.bot_token.outputs.token || secrets.PAT || secrets.GITHUB_TOKEN }}
- name: Setup Node.js
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4
with:
node-version: lts/*
- name: Semantic Release
env:
GITHUB_TOKEN: ${{ steps.bot_token.outputs.token || secrets.PAT || secrets.GITHUB_TOKEN }}
run: >
npx
--package conventional-changelog-conventionalcommits@7
--package semantic-release@22
semantic-release